CHARLES B. GORDON 
THOMAS P. SCHILL 
DAVID B. DEIOMA 
JOSEPH J. CORSO' 
HOWARD G. SHIIV|OL. 
JEFFREY J. SOPK©^ 
JOHN P. MURTAU 
JAMES M. MOORE 
MICHAEL W. GARVEY^frN 
RICHARD A. SHARPE " 
RONALD M. KACHMARJK 
PAUL A. SERBINOWSKI 
BRIAN G. BEMBENICK 
AARON A. FISHMAN 




Vol 63103^ 



ARNE & GORDON LLP 

ATTORNEYS AT LAW 
1801 EAST 9th STREET 
SUITE 1200 
CLEVELAND, OHIO 44114-3108 
TEL: +1 (216) 579-1700 FAX: +1 (216) 579-6073 
EMAIL: ip@pearnegordon.com 



STEPHEN S. WENTSU 
ROBERT F. BODI 
SUZANNE B. GAGNON 
UNA L. LAURICIA 
STEVEN J. SOLOMON 
GREGORY D. FERNENGEL 
BRYAN M. GALLO 
BRAD C. SPENCER 
OF COUNSEL 
LOWELL L. HEINKE 
THADDEUS A. ZALENSKI 
PATENT AGENT 
TOMOKO ISHIHARA 

PATENT. TRADEMARK. 
COPYRIGHT AND RELATED 
IN i tLLECTUAL PROPERTY LAW 



August 29, 2006 



Commissioner for Patents 
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Alexandria, VA 22313-1450 
Re: 



U.S. Patent No. 7,079,654 
Issued: July 18, 2006 
Inventor: Remery et al. 
Our Docket No.: 34333 



0 1 CorrecAW 



Sir: 

A Certificate of Correction under 35 U.S.C. 254 is hereby requested to correct Patent Office printing 
errors in the above-identified patent. Enclosed herewith is a proposed Certificate of Correction (Form No. 
PTO-1050) and documentation in support of the proposed corrections for consideration. 

It is requested that the Certificate of Correction be completed and mailed at an early date to the 
undersigned attorney of record. The proposed corrections are obvious ones and do not in any way change 
the sense of the application. 

We understand that a check is not required since the errors were on the part of the Patent and 
Trademark Office in printing the patent. 



JJS:ljw 
Enclosures 



Very truly yours, 




I hereby certify that this correspondence is being deposited 
with the United States Postal Service as first class mail in 
an envelope addressed to: Commissioner of Patents, P.O. 
Box 1450, Alexandria, VA 22313-1450 on the date indi- 
cated below. 

Jeffrey J. Sopko 

Name of Attora^ foj Applicant(s)> 



Date 
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UNITED STATES PATENT AND TRADEMARK OFFICE 
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PATENT NO. 



7,079,654 
July 28, 2006 
Remery et al. 
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DATED 



INVENTOR(S) 



It is certified that error appears in the above-identified patent and that said Letters Patent is hereby 
corrected as shown below: 



In Column 5, line 53, please delete "(n-2)" and insert - -(n-2) th - - 

In Column 5, line 54, please delete "(n-1)" and insert - -(n-1) th - - 

In Column 5, line 55, please delete "(n-1)" and insert - -(n-1) th - - 

In Column 6, line 10, please delete "K 1)3 (K„ 4 (. . . (K^ ^ (m„ J, m„J,... m M ) , M 1f 

3 ) and insert - -K 1l3 (K„ 4 (. . . (K 1t n ., (m,, n ), m,, „.,) , . . . m 1i4 ) , M 1>3 )- - 

In Column 6, line 18, please delete "K 1j+1 (K 1i+2 (...(K 1n+1 (K 1 , n (m 1 , n )),m 1 , n . 1 ),...m 1j+2 ),m 1 , i+1 )" 

and insert - -K 1ii+1 (K 1)j+2 (...(K 1>lv1 (K 1in (m 1in )),m 1n . 1 ),...m 1ii+2 ),m 1ij+1 )- - 

In Column 7, line 24, please delete % >2 (.»K 1 j(K^...K l ^(m 1iB ),...m 1iK1 ),m 1i ,)...m 1i2 )" and 

insert - -K 1)2 (...K 1ii (K 1ij+1 (...K 1in (m 1n ),...m 1>j+1 ),m 1ii )...m 1(2 )- - 

In Column 8, line 16, please delete "K i , i+1 (m ji+1 ),K i i+2 (m i i+2 ),...K i1 (m ii1 ),.m 1 and insert 

- -^("ViM^^w)^^ - 

In Column 8, line 33, please delete "K 2Jf1 (...K 1in (m 1in ),...m l j t1 )" and insert 

- ■Ki i j +1 (...K 1n (m 1in ) ) ...m 1ij+1 )- - 

In Column 9, lines 14, 15, 16 and 17 please insert the following: 



--MS 
MS increments its 
counter: 



NT MS =NT MS+ 1-- 
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"encapsulation" to describe the use of a cryptogram 
X=K' (m) as a message. 

• When cryptogram K (X # m) is intended to preserve the 
message's integrity but the channels that it must 
5 follow are controlled by entities that have an 

interest in X being transferred, we can obtain 
K.. (K(m' ) ,m)=K(m' ) | |k' (m) , for example, where there 

are no restrictions to which algorithm may be used to 
calculate the cryptograms. 

10 

We will describe four examples of preferred 
embodiments for this method: 

Example 1: Total encapsulation at source and 
15 progressive decapsulation 

The source builds a message m 1/D combining all of 
the transaction data and calculates a first cryptogram 
Ki,n(n\i, n ) of this first message using a first key system 
K lfn that it shares with the last n th entity; the source 

20 then links a second message m 1/n -i with the first 
cryptogram and calculates a second cryptogram Ki, n - 
i (Ki f n(n\i fn ) ,mi #n -i) of the whole using a second key system 
Ki, n -i that it shares with the last but one (n-l) th 
entity, and so on; the first entity links an (n-l) th 

25 message m i/2 with the (n-2) tn cryptogram previously 
obtained and calculates an (n-l) th cryptogram of the 
whole using the (n-l) th key system K lf2 that it shares 
with a second entity; the source then sends the last 
calculated cryptogram across the communication network 

30 to entity 2 . 
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We can represent this first stage in the following 
diagram, where the arrow pointing towards the right 
symbolises information being transferred between entity 
1 (left) and entity 2 (right) : 

5 

Entity 1 Entity 2 

Ki,2 (Ki,3 (K 1/4 { . . . (Ki.n-i (K lfI1 (mi #n ) , mi, n .i) , . . . m i#4 ) , m 1(3 ) , m 1/2 ) 

> 

10 Entity 2, which receives the message from entity 1, 

partially decapsulates this message using key 
system K if2 ; entity 2 checks (and possibly stores) the 
cryptogram intended for it (in this case the signature 
of message m 1#2 ) , then sends the rest of the message to 

15 entity 3. Using the same conventions, we therefore 
obtain the following diagram: 

Entity 2 Entity 3 

Ki, 3 (Ki #4 ( . . . (Ki, n -i (K lf R (m i( n ) , m i# n -i) , . . . m 1<4 ) , m lt 3 ) 



20 



25 



This method is then repeated so that the message 
gradually reaches entity n. For the intermediate 
entities i and i+1, we obtain: 

Entity i Entity i+1 

Ki,i+i (Ki, i+2 ( . . . (Ki, n -i (Ki f n (mi f n ) ) , m 1/n _i) , . . . m lt i+2) t ^i,±+i) 



30 Lastly, the last but one entity (n-1) sends the 

last cryptogram K lfn (mi, n ) to recipient (n) which uses 
key system K 1#n to retrieve the message intended for it: 

Entity n-1 Entity n 
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Entity i Entity i+l 

Ki f i+i (Ki f i +2 (Ki f i +3 ( . . . (Ki f n-! (K i#n {m ijn ) ) , m 1#n . 
i) / . . .tni f i +3 ) ,Tni <i+2 ) ,irii f i +1 ) 

and so on through the entities of the second group 
until the last but one entity, n-1, which sends the 
last cryptogram to recipient n. 

Example 3 : General scenario 

Entity 1 shares a key system with some of the 
entities on the communication route, which for the 
purposes of simplicity in this presentation we will 
suppose to be 2, . i, j+i, . .., n . Entity 1 

therefore partially encapsulates the data as shown in 
the following diagram: 

Entity 1 Entity 2 

Ki,2 ( • - . K 1( i (K lf j +1 ( . . . Ki (n (m 1( n) , • . .mi, j+i) , m lri ) . . . m 1/2 ) 

> 

Each intermediate entity uses the appropriate key 
system to decapsulate the message that it receives, 
until the message reaches entity i: 

Entity i-1 Entity i 

Ki , i ( Ki , j +1 ( . . .K 1(n (m 1;n ) , . . . m x f j +1 ) , m x t j ) 



Each actor (in this case, only "i") extracts the 
message sent to it, so obtaining the remainder of the 
message intended for an actor that is not adjoining it 
on the route, and then re-encapsulates it for the 
adjoining entity and any following entities. 
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no reason for the entities involved to falsify the 
messages . 

Entity i Entity i+1 

Ki,i + i (m i#i+1 ) , Ki, i+2 (m it i +2 ) / - . - K ifl (m i(1 ) , K lt j+1 ( . . . K 1<n (m 1#n ) , . . 

•nii f j+i) 



Each intermediate entity receives and checks the 
message sent to it, using the key system, until the 
message reaches entity j . 

Entity j-1 Entity j 

Ki, j (m if j ) , K if j+i ( . . . Ki #n (mi, n ) / . . . m lf j+1 ) 



Entity j receives and checks the message sent to 
it. This message is then sent gradually from j+1 to n: 

Entity j Entity j+1 

Ki , j +i ( . . . Ki t n ( mi , n ) , . . . m x / j +1 ) 



Entity n-1 Entity n 

Ki, n (Tn if n) 



Example 4: electronic wallet (PME) 

In this example, the entities (or actors) are as 
follows : 

• PME cards (A) , 

• service points (P) that are capable of 
receiving the cards, 

• service point concentrators, together with 
their security module (MS) , 
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A P MS 

K A , M (NT A/ NT MS/ ID„ S ) K A/M (NT A/ NT MS/ ID MS ) MS increments 

< < its counter: 

NTms-NTms+1 

Card A checks the data that it has received and 
resets the running total to zero (RunningTotal = 0 ) . 

The service unit consumption cycle then begins. The 
5 following operations are then performed: 

A P 

order to debit amount m 
< 

10 

RunningTotal : =RunningTotal+m 
microtransaction calculated 

15 

K A , P (M,K A , M (M,K A , E (M' ) ) 



where M= (m, RunningTotal , NT A/ NT MS/ ID MS ) 
and M' = (RunningTotal , NT A/ NT MS , ID„ S ) 

20 

P checks the data that 
has been sent to it 
RunningTotal : =RunningTotal+m 

25 

The process then returns to the. beginning of the 
cycle if use of the service is not complete. At the end 
of the service session, the following final exchange 
30 takes place: 



